Security Engineer & Analyst

To strengthen our Big Data & Cybersecurity team in Zurich we are looking for a Security Engineer (m/f/d)

About the Role

As a Security Engineer, you will play a key role in strengthening our organization’s cyber resilience. You will govern our vulnerability and patch management processes, expand our security monitoring capabilities (SIEM & EDR), and actively contribute to incident response and threat hunting activities – all without 24/7 shift work.

You’ll be part of a dedicated operational security team that continuously enhances detection, response, and risk governance in both IT and OT environments.

Your Main Responsibilities

Vulnerability & Patch Management

• Govern and coordinate the vulnerability and patch management lifecycle.
• Support stakeholders in risk evaluation, risk acceptance requests, and remediation tracking.

Security Engineering

• Expand, administer, and maintain our SIEM and EDR infrastructure.
• Keep security-relevant systems and components up to date.
• Develop new detections, integrations, and dashboards to improve visibility.

Incident Handling & Threat Hunting

• Triage, investigate, and respond to security incidents according to defined playbooks.
• Conduct proactive threat hunting using threat intelligence and behavioral analytics.
• Perform log analysis and correlation to identify anomalies and potential intrusions.

Risk & Compliance Support

• Apply contractual and regulatory obligations within Eviden Switzerland.
• Ensure adherence to internal security policies, standards, and legal requirements.
• Develop, monitor, and report security KPIs to continuously improve operations.

What You Bring

• A bachelor’s or master’s degree from a technical university with a focus on Information Technology, or a completed EFZ apprenticeship in IT with proven professional experience in the field of cybersecurity.
• 3–5 years of experience in information security, ideally in a security engineering or operations role.
• Strong Linux skills and solid understanding of network and endpoint security concepts.
• Familiarity with frameworks such as ISO 27001 ISMS, NIST, or BSI IT-Grundschutz.
• Hands-on experience with SIEM platforms (experience with Elastic preferred).
• Relevant certifications such as CompTIA CySA+, SSCP, Security+, GSEC, or equivalent is a minimum.
• Analytical mindset, curiosity, and the ability to independently identify and resolve issues.
• Eligibility or willingness to undergo Swiss security clearance “PSP - Personensicherheitsprüfung”.
• Excellent communication skills with all levels of stakeholders, suppliers, and third parties – including face-to-face meetings, teleconferences, and presentations.
• A positive attitude and collaborative spirit, with the ability to thrive in multicultural teams.
• Business-fluent in English and German; any additional language is an asset.